I am not aware of anything like that built into ConfD. If that’s indeed the case, you are on your own. This means that:
you need to have the value N, number of failed attempts before a lock, somewhere in your data model
you need to take care of the authentication - either a rather simple external authentication binary that uses ConfD’s AAA model for usernames and passwords, or use a system like PAM with its plugins
if you use PAM, you also need to have a subscriber that tells the PAM plugin about changes in the value N.